Advice Request Webroot does not open secured browser for banking

Please provide comments and solutions that are helpful to the author of this topic.

Status
Not open for further replies.

Muddy7

Level 2
Verified
Jun 27, 2014
64
Yes, but I thought that was talking about another feature, i.e. Password Manager. Isn't the feature hjlbx is referring to a feature of Identity Shield? Or is it I who am confused?
 
H

hjlbx

@Muddy7

The only way Webroot "knows" a password is connected to a specific website is via the password manager - set up by the user; there isn't some type of artificial intelligence in Webroot that knows password A is to be only entered in website A.

It's that simple...
 
H

hjlbx

https://www.unionbank.com/Images/WSA_ID_Shield_FAQs-V2_UnionBankBusiness_0712.pdf

Webroot Identity Shield is offered as a separate module WITHOUT Password Manager and without AV to customers of various banks.

See page 2, General Questions, “What does it protect?” Imho you don’t know what you’re talking about. End of.

Identity Shield protects login data from being stolen; it does not ensure that password A only gets entered into website A. Only password manager ensures correct entry of login details.

You can verify these facts directly with Webroot; they will confirm.
 

Muddy7

Level 2
Verified
Jun 27, 2014
64
Very different from the FUD generated by the incomplete and therefore misleading information given in the post of yours that I referred to at the beginning of this exchange (and indeed other posts of yours in this thread). This by the way is definitely my last post in this exchange.
 
  • Like
Reactions: milas
H

hjlbx

Very different from the FUD generated by the incomplete and therefore misleading information given in the post of yours that I referred to at the beginning of this exchange (and indeed other posts of yours in this thread). This by the way is definitely my last post in this exchange.

Then you should explain how Webroot really works... for the benefit of all mankind. :D
 
D

Deleted member 178

Of course it's important to note that this was done, not with actual malware but with test tools, so highly probable Webroot would work better against actual malware/keyloggers.

Test tools are surely whitelisted , remember WSA is a cloud AV, so people surely flagged those test tools.

The only way Webroot "knows" a password is connected to a specific website is via the password manager - set up by the user

That is true

This lock on the WSA icon ensure that the application is protected by ID shield.

74YfoVE.png


Webroot only protects supported browsers against keylogging; Internet Explorer, Chrome, Firefox (they might have added others). Webroot does NOT provide system-wide anti-keylogging protection.

You can add any executable to be protected. WSA just doesn't do it automatically.
 
  • Like
Reactions: milas
H

hjlbx

You can add any executable to be protected. WSA just doesn't do it automatically.

Yeah, I know. I didn't get into all that detail. The point I was trying to make is that WSA identity shield doesn't support every single browser known to mankind. There were\are problems with some browsers - and not the fault of WSA - but instead incompatibility issues that Webroot has no control over.

With Webroot there is big time fanboy syndrome...
 
D

Deleted member 178

For Edge (or other browsers) you have to manually protect it by adding its 2 executables.

You can see below, it is protected by WSA

 
Last edited by a moderator:

frogboy

In memoriam 1961-2018
Verified
Top Poster
Well-known
Jun 9, 2013
6,720
Yes, but I thought that was talking about another feature, i.e. Password Manager. Isn't the feature hjlbx is referring to a feature of Identity Shield? Or is it I who am confused?
Yes @hjlbx does know what he is talking about. ;)
 

Online_Sword

Level 12
Verified
Honorary Member
Top Poster
Well-known
Mar 23, 2015
555
then you have a kinda anti-exe.

@Umbra , a long time ago I found that this option has a bug:

When I executed a .bat file and choose "Allow Once", then that bat script file would be allowed permanently.

I have reported this problem to the staff through Webroot Customer Service, but the staff replied that this option works well with .exe files.o_O

Then I told him that script is not exe. But he just required me to submit a memory dump.o_O

Then I gave up...
 

Ink

Administrator
Verified
Staff Member
Well-known
Jan 8, 2011
22,361
And I announce here and now that I'm NOT going to enter into a long debate on this. I'm quite happy for you to believe what you want to believe.
If you don't want to participate in this topic, then don't.
If you have nothing relevant to say on a certain matter then don't post.
Source: malwaretips.com Community Rules

Why doesn't Webroot open a new/separate secured browser window for banking and other financial transactions like most other malware solutions such as ESET, Kaspersky and Avast?
[...] I'm wondering though how does Webroot protect financial transactions without having to open a separate, secured browser window and all the other AV's (it seems) require a new secured window?

I don't know the exact science behind it, but under ID Protection, you can Add Applications to be protected. I do not know if IE protected by default, or other browsers.

upload_2016-3-18_13-11-35.png
 
  • Like
Reactions: milas
H

hjlbx

@Umbra , a long time ago I found that this option has a bug:

When I executed a .bat file and choose "Allow Once", then that bat script file would be allowed permanently.

I have reported this problem to the staff through Webroot Customer Service, but the staff replied that this option works well with .exe files.o_O

Then I told him that script is not exe. But he just required me to submit a memory dump.o_O

Then I gave up...

It is because Windows host processes are white-listed by Webroot = no way to block scripts - unless you add host processes to PC Security > Allow\Block Files > Block. However, when you run the next scan, Webroot will uninstall all host processes added to list. :confused:..... :eek: !!

Anyhow, I have experienced the same in testing Webroot.

I have found that processes that Webroot white-lists will create issues if you set to Monitor; sometimes the process will open as Allowed, sometimes Monitor.

I reported long time ago; never fixed = still happening.

Try it.... it is very easy to verify.
 
Last edited by a moderator:
  • Like
Reactions: frogboy
H

hjlbx

@Umbra , a long time ago I found that this option has a bug:

When I executed a .bat file and choose "Allow Once", then that bat script file would be allowed permanently.

I have reported this problem to the staff through Webroot Customer Service, but the staff replied that this option works well with .exe files.o_O

Then I told him that script is not exe. But he just required me to submit a memory dump.o_O

Then I gave up...

Even after system reboot - or within same user session ?

I can confirm with *.exe that if you select "Allow Once," it will be permitted during whole user session. However, it is reset, and will get another alert after reboot.
 

Online_Sword

Level 12
Verified
Honorary Member
Top Poster
Well-known
Mar 23, 2015
555
It is because Windows host processes are white-listed by Webroot = no way to block scripts

But when I execute a script for the first time, WSA could properly alert it. My problem is, there would be no more alerts if I only choose "Allow Once" in the first alert window.

Even after system reboot

I am not sure... I found this bug a long time ago, so I have forgotten the details...

I can confirm with *.exe that if you select "Allow Once," it will be permitted during whole user session.

But when I chose "Allow once" for an *.exe file, WSA would alert me again in the same session. I would test this again later.
 
Last edited:
  • Like
Reactions: frogboy
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top